堆栈内存溢出
  简体   繁体   English

在负载平衡器之后进行MVC HTTPS重定向

[英]MVC HTTPS redirection when behind a load balancer

 原文  2017-02-17 19:21:21       asp.net-mvc/ iis/ url-rewriting/ elastic-load-balancer

问题描述

I'm using MVC5 in some IIS servers on Amazon EC2, behind a Amazon Elastic Load Balancer. 我在Amazon Elastic Load Balancer后面的Amazon EC2上的某些IIS服务器中使用MVC5。 IIS servers runs only HTTP protocol, and ELB converts to HTTPS. IIS服务器仅运行HTTP协议,并且ELB转换为HTTPS。

IIS server doesn't know if user is accessing thru HTTPS, so I have a rewrite rule checking "X-Forwarded-Proto" header to redirect user to HTTPS. IIS服务器不知道用户是否通过HTTPS访问,因此我有一个重写规则,检查“ X-Forwarded-Proto”标头以将用户重定向到HTTPS。

Unfortunately, when a login is required, MVC/IIS redirects user to a logon page in HTTP . 不幸的是,当需要登录时,MVC / IIS会将用户重定向到HTTP中登录页面

If I check my website in a tool like http://www.redirect-checker.org/ I get these type of results: 如果我使用http://www.redirect-checker.org/之类的工具检查我的网站,则会得到以下结果:

http://example.com/ http://example.com/

301 Moved Permanently (my URL rewrite rule) 301永久移动(我的URL重写规则)

https://example.com/ https://example.com/

302 Found (Login-required redirect -> why to HTTP?) 找到302(需要登录名重定向->为什么要HTTP?)

http://example.com/Account/Logon?ReturnUrl=%2F http://example.com/Account/Logon?ReturnUrl=%2F

301 Moved Permanently (again my URL rewrite rule) 301永久移动(同样,我的URL重写规则)

https://example.com/Account/Logon?ReturnUrl=%2F https://example.com/Account/Logon?ReturnUrl=%2F

200 OK 200 OK

Am I missing something? 我想念什么吗?

Can I configure login-redirect to keep protocol, eliminating one of these redirects? 我可以配置登录重定向以保留协议,从而消除这些重定向之一吗?

Better yet, can I somehow precede login-redirect rule and make it force HTTPS, in order to have only one redirect? 更好的是,为了只进行一个重定向,我可以以某种方式优先于登录重定向规则并使其强制HTTPS吗?

Thanks a lot! 非常感谢!

Appendix: I checked that commands like "RedirectToAction" send address like "/Index2", not the whole " http://example.com/Index2 ". 附录:我检查了像“ RedirectToAction”这样的命令发送的地址是“ / Index2”,而不是整个“ http://example.com/Index2 ”。 This is fine, so it keeps the user protocol. 很好,因此保留了用户协议。

1 个解决方案

解决方案1
 0 已采纳  2017-02-18 08:39:31

Assuming you're using ASP.NET forms authentication, have a look in your web.config for your Authentication configuration and add requireSsl="true" to the <forms> element, as below: 假设您使用的是ASP.NET表单身份验证,请在web.config中查看Authentication配置,然后将requireSsl="true"添加到<forms>元素中,如下所示: 

<authentication mode="Forms">
      <forms loginUrl="~/Account/LogOn" timeout="2880" requireSSL="true" />
</authentication>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 带有MVC Client的Identity Server在AWS Load Balancer后面运行 - Identity Server with MVC Client running behind an AWS Load Balancer jQuery获取虚拟目录中的位置以及负载均衡器后面的位置(MVC Web API) - jquery GET to location in virtual directory AND behind a load balancer (mvc web api) ASP.NET MVC应用-AWS Load Balancer重定向Http到Https - ASP.NET MVC App - AWS Load Balancer Redirect Http to Https 负载平衡器中断了外部登录,因为重定向uri是http(不是https) - Load Balancer breaks external login, because redirect uri is http (not https) ASP.NET MVC,Windows身份验证和负载平衡器探针 - ASP.NET MVC, Windows Authentication and load balancer probes 从IFrame重定向后,在框架外加载MVC视图 - Load MVC View out of frame after redirection from an IFrame 负载均衡器到位时获取真实客户端 IP 地址的问题 - Issue with getting Real Client IP Address when load balancer is in place 使用分页mvc时如何转义循环重定向? - How to escape circular redirection when using paging mvc? MVC和OpenID重定向问题 - MVC and OpenID Redirection Problems MVC路由重定向 - MVC Routing Redirection
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM